All news in category "Vendor and Hyperscaler Watch"

Google Cloud Bigtable Adds Tiered Storage for Hot/Cold Data

🔔 Google Cloud previewed Bigtable tiered storage, which automatically moves less-frequently accessed data from high-performance SSD storage to an infrequent access tier while exposing the same Bigtable API. The fully managed feature integrates with Bigtable autoscaling so applications can read and write across hot and cold tiers via a single interface. Google says the infrequent access tier can be up to 85% less expensive than SSD and that a tiered-storage node offers substantially more usable capacity, making it suited for large time-series and telemetry datasets that require long-term retention for analytics or compliance.

Microsoft adds policy to remove preinstalled Store apps

🛠️ Microsoft now enables IT administrators to remove selected pre-installed Microsoft Store apps on Windows 11 Enterprise 25H2 and Education 25H2 devices using a new app management policy. The policy can be applied via CSP, Group Policy, or the Microsoft Intune settings catalog and is disabled by default until explicitly enabled by admins. Once enforced, targeted packages and associated local app data are deprovisioned and deleted from devices, removing the need for custom Windows images or brittle scripts.

Amazon Cognito Adds Resource Indicators for OAuth 2.0

🔐 Amazon Cognito now accepts resource indicators in OAuth 2.0 access token requests, enabling app clients to request tokens targeted to a specific protected resource rather than a broad service audience. After authenticating the client, Cognito issues an access token with the aud claim set to that resource. This replaces prior workarounds that relied on non‑standard claims or custom scopes and simplifies issuing resource‑specific tokens for agents and other clients. The capability is available to Cognito Managed Login customers on Essentials and Plus tiers in Regions where Cognito is offered, including AWS GovCloud (US).

Amazon Location Service adds granular API key restrictions

🔒 AWS has introduced enhanced API key restrictions for Amazon Location Service to help developers secure location-based applications. Keys can now be bound to specific Android applications using package names and SHA-1 certificate fingerprints, or to iOS apps using Bundle IDs, enabling separate keys for testing and production. The feature is available in multiple AWS Regions and is configurable via the console or APIs. This reduces the risk of key misuse and enforces app-level access control.

Cloudflare Radar's Evolution: Expanding Internet Observability

📡 Since its 2020 debut, Cloudflare Radar has evolved into a comprehensive observability platform that aggregates Cloudflare telemetry to illuminate security, performance, and usage trends. Initially centered on Radar Internet Insights, Domain Insights, and IP Insights, the service has grown to include Certificate Transparency metrics, TCP reset/timeouts visibility, post-quantum adoption tracking, and AI-focused crawler analytics. Radar also added routing tools such as route leak and origin hijack detection, real-time BGP views, AS-SET monitoring, and notifications, while improving programmatic access via the Radar API and an MCP server for LLM integration. Popular utilities like the URL Scanner, expanded search and date-range options, and internationalized interfaces reinforce Radar's mission to make the Internet more observable and resilient.

Cloudflare Speed Test: Measuring Real-World Internet Quality

⚡ Cloudflare’s Speed Test measures the quality users actually experience rather than peak bandwidth. It sends predefined data blocks via the Network Quality API from the user’s browser to Cloudflare Workers routed by anycast, recording idle and loaded latency, jitter, packet loss, and throughput across sizes. Results appear live and culminate in an AIM score summarizing suitability for streaming, gaming, or conferencing.

Introducing TLD Insights on Cloudflare Radar Dashboard

📊 Cloudflare Radar now offers a dedicated Top-Level Domain (TLD) landing page and per-TLD reports that aggregate popularity, activity, and security signals. The new pages rank TLDs using a DNS Magnitude score based on unique client networks querying 1.1.1.1, and provide DNS, RDAP/WHOIS, Certificate Transparency, and registration information where available. Interactive charts, maps, and API access help TLD managers and site owners monitor visibility, abuse trends, and certificate issuance.

Amazon ECS Managed Instances Now in All Commercial Regions

🚀 Amazon ECS Managed Instances is now available in all commercial AWS Regions as a fully managed, EC2-based compute option that reduces infrastructure management overhead while retaining the full capabilities of Amazon EC2. Managed Instances dynamically scales EC2 capacity, continuously optimizes task placement, and applies security patching on a 14-day cadence. You specify task requirements such as vCPU, memory, and CPU architecture, and Amazon ECS provisions and operates optimal instances in your account. Management fees apply in addition to regular EC2 charges.

Amazon Redshift Serverless Now in Osaka and Malaysia

🚀 Amazon Redshift Serverless is now generally available in the AWS Asia Pacific (Osaka) and Asia Pacific (Malaysia) regions. It enables data analysts, developers, and data scientists to run and scale analytics without provisioning or managing clusters by automatically provisioning and intelligently scaling compute capacity. You pay per-second for compute and can query data in-place from Amazon S3 (including Apache Parquet), use Redshift data shares, restore provisioned snapshots, or work through the Query Editor V2 or existing BI tools.

SageMaker Unified Studio adds searchable match context

🔍 Amazon SageMaker in Unified Studio now surfaces additional search context that clarifies why each result appears by showing which metadata fields matched a query. Inline highlighting emphasizes matched terms and an explanation panel details matches across name, description, glossary, schema, and other metadata. The enhancement reduces time spent evaluating irrelevant assets by presenting match evidence directly in search results, enabling quicker validation without opening individual assets. The capability is available in all AWS Regions where SageMaker is supported.

CrowdStrike Named Leader in 2025 Frost Radar for SSPM

🔒 CrowdStrike was named the Growth and Innovation Leader in the 2025 Frost Radar for SaaS Security Posture Management. The recognition highlights Falcon Shield, a fully native extension of the unified Falcon platform that correlates SaaS, endpoint and identity telemetry to deliver identity-centric detection, attack-path visualization and automated remediation. Frost & Sullivan cited >219% year-over-year growth and praised integrations such as Falcon Fusion SOAR and the Charlotte AI agentic system. Falcon Shield also offers 180+ prebuilt connectors and a no-code Integration Builder to scale protection and reduce mean time to remediation.

Top IAM Vendors for Zero Trust and Identity Security

🔑 Identity is becoming the new perimeter as organizations accelerate the move to Zero Trust, making robust Identity & Access Management essential for secure access and continuity. This roundup examines leading IAM vendors and highlights capabilities in IGA, PAM, IDaaS, CIEM and risk-based authentication. Profiles cover strengths, pricing and integration trade-offs for vendors including CyberArk, Okta, Microsoft Entra ID, SailPoint, Avatier and BeyondTrust to help CISOs match products to requirements.

Predictive Scaling Now Available in Six More AWS Regions

⚙️ AWS has expanded Predictive Scaling for EC2 Auto Scaling to six additional regions: Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), and Europe (Zurich). Predictive Scaling learns from historical patterns and launches instances ahead of anticipated demand to reduce over-provisioning, lower EC2 costs, and keep applications responsive. It complements real-time policies like Target Tracking and Simple Scaling and can be previewed using a "Forecast Only" mode. The feature is available via the console, AWS CLI, CloudFormation, and AWS SDKs.

Cloudflare Page Shield Thwarted npm Supply-Chain Attack

🛡️ In early September 2025 attackers published malicious releases to 18 widely used npm packages, enabling crypto‑stealing and token exfiltration. Cloudflare's Page Shield static analysis and ML pipeline — including an MPGCN on JavaScript ASTs — inspects 3.5 billion scripts per day and would have detected these compromised packages. Inference completes in under 0.3s and ensemble review reduces false positives, protecting customers from similar supply‑chain threats.

VPC Reachability & Network Access Analyzers Now in GovCloud

🔍 Amazon announced that VPC Reachability Analyzer and VPC Network Access Analyzer are now available in AWS GovCloud (US-West) and AWS GovCloud (US-East). Reachability Analyzer diagnoses network paths between source and destination resources in VPCs to identify misconfigurations such as missing route table entries across accounts. Network Access Analyzer finds unintended access paths by letting you define scopes to ensure traffic traverses required controls, for example verifying web app traffic goes through a firewall. See the product documentation and the Network Analysis section of the Amazon VPC pricing page for details.

Amazon VPC Reachability and Network Analyzer Now in GovCloud

🛡️ Amazon has launched VPC Reachability Analyzer and VPC Network Access Analyzer in both AWS GovCloud (US‑West) and GovCloud (US‑East) Regions. These tools let administrators diagnose network reachability between source and destination resources across VPCs and accounts, for example identifying missing route table entries that block EC2-to-EC2 connectivity. Network Access Analyzer finds unintended access paths such as traffic that bypasses firewalls so teams can enforce security and compliance scopes. For pricing and operational details consult the VPC Network Analysis pricing information.

Amazon Aurora DSQL Adds Resource-Based Policies Support

🔒 Amazon Web Services has added resource-based policies to Aurora DSQL, letting administrators define which IAM principals can perform specific IAM actions on Aurora DSQL resources. Policies also support Block Public Access (BPA) controls to restrict access to public or VPC endpoints. The capability is available now in a set of regions and the documentation provides guidance to get started.

How Five Agencies Built Impossible Ads with Gemini

🎨 Google showcased how five agencies used Gemini 2.5 Pro and complementary generative media models to produce ambitious ad campaigns that blend nostalgia, personalization, and scalable visual storytelling. Projects ranged from a retro AI radio for Slice to personalized "postcard" ads for Virgin Voyages, AI co-hosts and party themes for Smirnoff, crowdsourced mascots for Visit Orlando, and cinematic short film work with Moncler. Results highlighted rapid production, measurable engagement lifts, and cross-product workflows across Imagen, Veo, Lyria, and Vertex AI. The post invites brands to explore these tools for creative scale and efficiency.

Proteomics AI Agent: Guided Protocols and Error Detection

🔬 Researchers at the Max Planck Institute of Biochemistry and Google Cloud created a Proteomics Lab Agent using the Agent Development Kit and Gemini models to provide personalized, multimodal AI guidance for mass spectrometry experiments. The agent analyzes recorded steps to generate publication-ready protocols, detect procedural errors, and capture tacit expertise into a searchable knowledge base. Open-sourced on GitHub, it aims to reduce troubleshooting time and improve reproducibility across labs.

AWS outage: DynamoDB DNS failure caused disruption

⚠️ Amazon says a major DNS failure in DynamoDB's DNS management system triggered a widespread AWS outage focused on the us-east-1 (Northern Virginia) region. A race condition at 11:48 PM PDT caused the accidental deletion of all IP addresses for the regional DynamoDB public endpoint, producing immediate DNS resolution failures for customer and internal traffic. The fault cascaded across services, kept automated recovery from restoring consistency, and required manual operator intervention to recover. AWS has disabled the problematic DNS automation globally, added protective checks, improved throttling, built new test suites, and apologized for the impact.